About me
Seasoned Cybersecurity GRC professional with 10+ years in banking and finance. As Manager of IT Security Risk Assessment & Change Management, I lead enterprise risk management, security assessments, compliance, and change governance. Expert in implementing global frameworks including ISO 27001, NIST, COBIT, SOC 2, SWIFT, and PCI DSS. I blend deep technical skills in vulnerability assessment, penetration testing, SIEM, and ethical hacking with strong governance and leadership to build resilient, secure banking environments. Passionate about turning risks into robust security postures.
M.A. in Project Management | B.Sc. in Computer Science
Skills and Tools
Governance & Compliance
ISO 27001 (ISMS Implementation & Audit Support)
PCI DSS Compliance
Security Policies & Procedures Development
Internal & External Audit Coordination
Control Design & Implementation
Regulatory Compliance Mapping
Risk Management & Assessment
Risk Assessment & Risk Register Management
Risk Treatment Planning
Business Impact Analysis (BIA)
Third-Party Risk Management
Vulnerability Assessment (VA)
Penetration Testing (PT) Coordination
Offensive Security & Testing
Ethical Hacking Methodologies
Web Application Security Testing
Burp Suite (Proxy, Scanner, Repeater)
OWASP Top 10 Testing
Reconnaissance & Enumeration
Basic Exploitation Techniques
Security Architecture & Engineering
Secure System Design Principles
Access Control & Identity Management
Network Security Concepts
Secure Configuration & Hardening
API Security Basics
Secure SDLC Awareness
Audit, Monitoring & Reporting
Security Audits & Gap Analysis
Control Effectiveness Review
Compliance Reporting
KPI / KRI Definition & Tracking
Log Review & Basic Monitoring
Documentation & Evidence Management
Security Awareness & Training
Security Awareness Programs
Phishing Awareness & Simulation Support
Policy Awareness Campaigns
End-User Training Materials
Social Engineering Risk Education
Compliance-Specific Awareness Training
